Follow

Some absolute schmuck is trying to scoop more private keys into the cloud, what a raging cunt.

If you want to be taken seriously by people to take security seriously, don't ask them to give you their private key.

gist.github.com/AbstractBelief

taking the absolute cake is "Many Keybase users are now looking for alternatives as a result, primarily due to a lack of trust", but please upload your most sensitive of sensitive into an unknown provider with closed source after I scraped your email.

If anyone knows Ryan Lester / Cyph's social media, please forward this thread to him because they're absolutely retarded and they need to know.

@kline his email address is right there, is that insufficient?

@wowaname one person saying "this is a bad idea" is routine for startups.

Infosec twitter public shaming might work.

@kline or, his inbox filled with "this is a bad idea" :honk:

@wowaname I'm ok with people emailing him, but indications are it's a customer support platform, so a lot might just get instantly filtered away.

@kline Oh I got that one too.
One of my favorite parts is the P.S., as the mail was sent via sendgrid

@val yeah, mine had no mailer agent, but it did have the X-Feedback-ID header, which is what gmail says you need for high-volume campaigns.

Emails since have been sent via freshdesk.

@kline Those keys are called PRIVATE for a reason. Treat them like other private things, that is don't share them with anyone you wouldn't be happy to exchange dick pics with.

@mansr @kline what if we're sharing other people's dick pics :kumikosmug:
@wowaname @mansr @kline well, you can share other people's private keys :blobcat3c:

@kline

*** YOU HAVE BEEN CHOSEN !!! ***

I offer a new service:

PUK-ASS

{Priv keys as a service}

Also ^^^free^^^ bonus:

{Session keys as a service}

Description: you want send a file @securely@ ??? No problem! We generate random (&guaranteed!!!&) session key for you and send in password-protected secure [sic] ZIP !!! Your Satisfaction our Priority !!!

@kline I got the same email about a month ago, told him roughly the same thing and didn't hear back. I don't think they care.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!